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REAL PARTY US INTEREST 

The real party in interest in this appeal is the following party: International Business Machines 
Corporation. 
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RELATED APPEALS AND INTERFERENCES 

With respect to other appeals or interferences that will directly affect, or be directly affected by, or 
have a bearing on the Board's decision in the pending appeal, there are no such appeals or 
interferences. 
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STATUS OF CLAIMS 



A, TOTAL NUMBER OF CLAIMS IN APPLICATION 

Claims in the appli cation are: 1-24 

B. STATUS OF ALL THE CLAIMS IN APPLICATION 

1. Claims canceled: none 

2. Claims withdrawn from consideration but not canceled: none 

3. Claims pending: 1-24 

4. Claims allowed: none 

5. Claims rejected: 1-24 

C- CLAIMS ON APPEAL 
The claims on appeal are: 1-24 
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STATUS OF AMENDMENTS 

An amendment after final was filed by Appellants on November 2, 2004, and such amendment 
was not entered by the Examiner, 
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SUMMARY OF CLAIMED SIIR.TECT MATTER 



A. CLAIM 1 - INDEPENDENT 

The present invention of Claim 1 is generally directed to facilitating the creation of 
privacy policies in a data processing system. Through a synergistic combination of data 
elements, groups and privacy policies, the present invention greatly improves and better facilities 
a user's ability to define/edit privacy policies when compared to prior privacy techniques which 
required detailed and extensive user interviews to establish a user's privacy requirements. The 
data processing apparatus-implemented method is particular advantageous in facilitating an 
improved user interface for creating privacy policies in a data processing system. 

Specifically, Claim 1 is directed to a data processing apparatus-implemented method for 
creating a privacy policy. A policy group is created (Specification page 19, lines 2-6; Figure 7, 
step 714). A data element is moved to the policy group (Specification page 19, lines 10-22; 
Figure 7, step 718). A privacy policy is generated based upon the policy group (Specification 
page 21 , lines 1-15; Figure 7, step 710 and Figure 8, steps 810-824). 

B. CLAIM 12 - INDEPENDENT 

Claim 12 is directed to an apparatus for creating a privacy policy. The apparatus 
comprises creation means for creating a policy group (Specification page 19 3 lines 2-6; Figure 7, 
step 714, with corresponding structure shown at Figure 1, elements 104, 108, 1 10 and 1 12, 
Figure 2, element 200, and Figure 3, element 300), movement means for moving a data element 
to the policy group (Specification page 19, lines 10-22; Figure 7, step 718, with corresponding 
structure shown at Figure 1, elements 104, 108, 1 10 and 1 1 2, Figure 2, element 200, and Figure 
3, element 300), and generation means for generating a privacy policy based on the policy group 
(Specification page 21, lines 1-15; Figure 7, step 710 and Figure 8, steps 810-824, with 
corresponding structure shown at Figure 1 , elements 104, 108, 1 10 and 1 12, Figure 2, element 
200, and Figure 3, element 300). 
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C. CLAIM 23 - INDEPENDENT 

The present invention of Claim 23 provides an improved user-interface to facilitate co- 
action with a user for creating a privacy policy. Three distinct portions of the user interface 
synergistically co-act with the user and with one another to provide such improved user-interface, 
where information in one portion of the user-interface is used when generating information 
pertaining to other of the portions of the user interface. 

Specifically, Claim 23 is directed to an interface for creating a privacy policy. The 
interface includes (i) a first portion for displaying predefined data elements (Specification page 
1 1, line 29 - page 12, line 7; Figure 4, element 410), (ii) a second portion for displaying groups 
of data elements, wherein a group of data elements shares at least one common property 
(Specification page 12, lines 8-16; Figure 4, element 420), and (iii) a third portion for displaying 
a privacy policy generated from the groups of data elements (Specification page 12, lines 17-29; 
Figure 4, clement 430). 

D- CLAIM 24 - INDEPENDENT 

Claim 24 is directed to a computer program product, in a computer readable medium, for 
creating a privacy policy. The computer program product comprises instructions for creating a 
policy group (Specification page 19, lines 2-6; Figure 7, step 714), instructions for moving a data 
element to the policy group (Specification page 19, lines 10-22; Figure 7, step 718), and 
instructions for generating a privacy policy based on the policy group (Specification page 21, 
lines 1-15; Figure 7, step 710 and Figure 8, steps 810-824). 

E. CLAIM 15 - DEPENDENT MEANS-PLUS-FUNCTION 

The corresponding structure for the claimed functions recited in Claim 15 is shown to be at 
Figure 1, elements 104, 108, 110 and 1 12, Figure 2, element 200, and Figure 3, element 300. 

F. CLAIM 1 6 - DEPENDENT MEANS-PLUS-FUNCTION 

The corresponding structure for the claimed functions recited in Claim 16 is shown to be at 
Figure 1, elements 104, 108, 1 10 and 1 12, Figure 2, element 200, and Figure 3, element 300. 
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G. CLAIM 17 - DEPENDENT MEANS-PLUS-FUNCTION 

The corresponding structure for the claimed functions recited in Claim 17 is shown to be at 
Figure 1, elements 104, 108, 1 10 and 1 12, Figure 2, element 200, and Figure 3, element 300. 

H. CLAIM 1 8 - DEPENDENT MEANS-PLUS-FUNCTION 

The corresponding structure for the claimed functions recited in Claim 1 8 is shown to be at 
Figure 1, elements 1 04, 108, 1 10 and 1 12, Figure 2, element 200, and Figure 3, element 300. 

I. CLAIM 21 - DEPENDENT MEANS-PLUS-FUNCTION 

The corresponding structure for the claimed functions recited in Claim 21 is shown to be at 
Figure 1, elements 104, 108, 110 and 112, Figure 2, element 200, and Figure 3, element 300. 

J. CLAIM 22 - DEPENDENT MEANS-PLUS-FUNCTION 

The corresponding structure for the claimed functions recited in Claim 22 is shown to be at 
Figure 1 , elements 104, 108, 1 10 and 1 12, Figure 2, element 200, and Figure 3, element 300. 
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nPOTlNPS OF BF.TECTION TO «F REVIEWED ON APPEAL 

A. GROUND OF REJECTION 1 (Claims 1-22) 

Claims 1-22 stand rejected under 35 U.S.C. § 101 as being directed to non-statutory subject mat* 

B. GROUND OF REJECTION 2 (Claims 1-24) 

Claims 1-24 stand rejected under 35 U.S.C. § 103 as being unpatentable over Moriconi ct al (US 
Patent 6,158,010) in view of Abraham et al (WO 98/40987). 
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ARGUMENT 

A. GROUND OF REJECTION 1 (Claims 1-22) 

The Examiner rejected Claims 1-22 under 35 U.S.C. § 1 01 as being directed towards non- 
statutory subject matter. This rejection is respectfully traversed. 

A.l. Claims 1-11 

Claim 1 specifically recites adata process ing apparatus-implemented method, and the 
recited steps are Hata. processin g ap paratus-im plemented stem. Contrary to the Examiner's 
statement that Claim 1 "only recites an abstract idea" and 4i This process might be performed 
without the aid of any technology and therefore the claimed method is not within the 
technological arts", Appellants urge that Claim 1 expressly recites technology (a data processing 
apparatus) and therefore is directed to "useful arts". 

Therefore, the Examiner's reasoning in rejecting Claim 1 is shown to be clearly 
erroneous. In addition, and as shown above, Claim 1 properly recites statutory subject matter 
pursuant to 35 U.S.C. §101. 

With respect to dependent Claims 2-1 1, Appellants traverse for reasons given above 

regarding independent Claim 1 . 
A.2. Claim 12-22 

In rejecting Claim 1 2 in the final Office Action (dated 9/9/2004, last paragraph on page 3 
of such Office Action), the Examiner states "In claims 1 and 12 the applicant claims a method for 
creating policy groups, moving a data element between groups and generating a privacy policy 
based upon the policy group". Appellants urge that Claim 12 does not claim a method. Rather, 
Claim 12 expressly recites an apparatus with corresponding '"means for" elements, as shown 
below: 

12. An apparatus for creating a privacy policy, comprising: 
creation means for creating a policy group; 

(Appeal Brief Page 10 of 33) 
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movement means for moving a data element to the policy group; and 
generation means f or generating a privacy policy based on the policy group. 

Per 35 USC 112, 6 th paragraph, "means for" dements shall be construed to cover the 
corresponding or material described in the specification and equivalents thereof. Thus, 

the recited means for elements are shown to not merely describe a process that might be 
performed without the aid of any technology, as alleged by the Examiner. Therefore, the 
Examiner's reasoning regarding Claim 12 in finally rejecting such claim under 35 USC 101 is 
shown to be clear error, as such claim does not merely recite a method or an abstract idea, as 
alleged by the Examiner, but rather explicitly recites an apparatus. Claim 12 is thus shown to 
have been erroneously rejected under 35 U.S.C. § 101. 

With respect to dependent Claims 13-22, Appellants traverse foT reasons given above 
regarding independent Claim 12. 



B- GROUND OF REJECTION 2 (Claims 1-24) 
B,l- Claim 1 (and Claims 12 and 24) 

In rejecting claims under 35 U.S.C. Section 103, the examiner bears the initial burden of 
presenting a prima facie case of obviousness. In re Oetiker, 977 F.2d 1443, 1445, 24 USPQ2d 
1443, 1 444 (Fed. Cir. 1 992). Only if that burden is met, does trie burden of coming forward with 
evidence or argument shift to the applicant. Id. To establish prima facie obviousness of a 
claimed invention, all of the claim hmitations must be taught or suggested by the prior art. 
MPEP 2143.03 (emphasis added by Appellants). See also, In re Royka, 490 F.2d 580 (C.C.P.A. 
1974). If the examiner fails to establish a prima facie case, the rejection is improper and will be 
overturned. In re Fine, 837 F-2d 1071, 1074, 5 USPQ2d 1596, 1598 (Fed. Cir. 1988). 
Appellants will now show that ajl of the claim limitati ons are not taught or suggested by the cited 
references. 

(i). Generally speaking, the present invention is directed to privacy policies, and in particular 
to methods and apparatus for creating a privacy policy. None of the cited references teach or 
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suggest any type of privacy policy, of the creation of a privacy policy. 

Specifically with respect to Claim 1 , such claim recites a data processing apparatus- 
implemented method for creating z privacy policy. In contrast, the teachings in the cited 
Moricom reference are directed to ensuring that clients are authorized to access securable 
components (Col- 13. lines 14-32) by use of a security policy (Claim 1). S^irit y and privacy are 
*™ vary differen t *™">y<* ™d th e t—W of one fswiiritv. as taught by Moriconi) does not 
t«.ri, or sugecst th» rprivacv. as claimed). For example, imagine a person living in a 
locked, bullet-proof glass house, where the glass is see-through. This locked, bullet-proof glass 
bouse is certainly secure, but it is not at all private. As another example, assume that an ID is 
required to authenticate that a user is who they are in order to receive a ballot for voting. 
However, the ballot itself has the user's name/identifier on it. The user has been authorized to 
vote, but the voting is certainly not private as the voter's name is in the ballot. Thus, 
authorization and privacy shown to be very different concepts, as will now be further described 
(with supporting evidence), and a teaching of one (security) does not teach or otherwise suggest 
the other (privacy). 

The following is an excerpt from a document entitled "Authorization and Privacy for 
Semantic Web Services", published by IEEE Distributed Online Systems, which is from the 
July/Aug 2004 issue of IEEE Intelligent systems. The document, which is attached hereto in 
Appendix A, was found by Appellants on the internet at 
http://dsonline.computer.Org/0410/f/x4kag.htm. 

Role of policies 

Policies specify who can use a service and under which conditions, how information 
should be provided to the service, and how the provided information will be used. 
Policies should be part of Web Service representations— particularly those on the 
Semantic Web (see the "Related Work" sidebar for more background information). 

In our work, a client-server model involves a client that wants to invoke a Web Service. 
We view the use of policies as symmetric — policies that constrain both the provider and 
requester. You can easily extend this model to a service-service architectural model. 

Here, we address two kinds of policies: privacy and authorization. Privacy policies 
specify under what conditions you can exchange information and the legitimate uses of 
that information. For example, a privacy policy might say that a provider could give a 
requester a key to access private information only if the key is encrypted during 



(Appeal Brief Page 12 of 33) 
Blcizefler et a). - 09/877,157 



PAGE 14/35 ' RCVD AT 1/3112005 2:04:49 PM [Eastern Standard Time] ' SVR:U$PT0€FXRF-1/5 ' DNIS:8729306 ' CS1D:9723857766 ' DURATION (mm-ss):09-54 



01/31/2005 13:02 9723857766 



YEE & ASSOCIATES 



PAGE 15 



transmission. When a requester discovers the policy, it should decide whether it can 
satisfy this condition. The requester might have its own privacy policy that requires 
keeping certain information confidential, so it likewise can't share unencrypted private 
information. The requestor's privacy policy prevents it from interacting with Web 
Services that don't perform the needed encryption. 

Privacy policies help specify data confidentiality during transmission as well as after 
receipt. Consider a service that says it won't distribute details it receives as input A 
requester that values privacy might see this as an important requirement 

You can interpret a Web Service's privacy policies as an obligation and contract For 
example, if after invocation, a service does provide a requester's details to a telemarketer, 
the person represented by the requester could take legal action against the service on the 
basis of the policy. As financial transactions become more common among Web Services 
and as Web Services start dealing with confidential information (such as names, 
addresses, social security numbers (SSNs), credit cards, and telephone numbers), more 
people will expect the enforcement of pri vacy policies. 

Authorization policies constrain the provider to accept requests for service only from 
certain clients. For example, a service's authorization policy could state that a requester 
must act on behalf of a person who belongs to a certain organi zational group and can 
prove membership with a digital certificate. Similarly, the requester could limit 
invocation to selected providers. 

This document clearly shows that authorization policies and privacy policies are not the same, 
and that one is not a subset of the other. They are different, Appellants urge that a teaching of 
authorization - as taught by the cited Moriconi reference - does not teach or suggest any type of 
privacy policy, as claimed. 

Also attached hereto in Appendix B is a datasheet from Electronic Data Systems 
Corporation (EDS) regarding their Security and Privacy Consulting Services. If security and 
privacy were coextensive, or even if one were a subset of the other, there would be no reason to 
include both terms in the title of this document as it would be redundant. Because each term is 
used in the title further evidences that one does not mean, or otherwise include/cover, the other. 

Thus, per the technological arts, authorization/security policies and privacy policies are 
different, and a teaching of one does not teach or suggest the other. 

Even in the non- technological arts, it is commonly known that in today's environment 
with terrorists-related concerns, people everywhere are having to make trade-offs regarding their 
own privacy in the name of security (as shown in Appendix C in a document entitled 'Trading 
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Privacy for Security Without a Thought", by EUen Goodman and posted at 
www.siliconvalley-com on Oct. 6, 2002). This further evidences that these terms (security and 
privacy) mean different things to those of ordinary skill in the art, and thus a teaching of one 
(security policy) does not teach or otherwise suggest the other (privacy policy). 

Therefore, it is shown that the Examiner has failed to establish a prima facie showing of 
obviousness with respect to Claim 1, as the cited reference does not teach or otherwise suggest 
any type of method for creating a privacy policy, or any step of creating a privacy policy based 
on a policy group, as expressly recited in Claim 1 , 

(ii). The Examiner takes the position that an authorization policy "by definition" is also 
enforcing a privacy policy. Appellants show two-fold error in such assertion. First, an 
authorization policy does not, by definition, also enforce a privacy policy. The Examiner 
provides no evidence whatsoever to substantiate such assertion, but rather makes a single 
sentence unsubstantiated assertion. Appellants have provided ample evidence (above) that an 
authorization policy is different from a privacy policy, and therefore an authorization policy does 
not, by definition, also enforce a privacy policy. 

Even assuming arguendo that an authorization policy does also enforce a privacy policy 
(which Appellants urge it does not), Claim 1 is not directed to enforcement of a privacy policy. 
Rather, Claim 1 is directed to the establishment or creation of a privacy policy. By analogy, 
legislatures make laws which the police enforce. Enforcement of laws (by the police) is very 
different from the process of establishing laws (by legislatures). Similarly, the Examiner's 
position that a teaching of an authorization policy **by definition" also enforces a privacy policy 
does not establish any teaching or suggestion of any step, process or method for creating a 
privacy policy, as expressly recited in Claim 1. Therefore, even assuming arguendo that the 
Examiner's assertion regarding authorization and privacy is true (which Appellants urge it is 
not), the Examiner has still failed to establish a prima facie showing of obviousness as the 
Examiner has failed to establish any teaching or suggestion of creating a privacy policy, or any 
step of creating a privacy policy based on a policy group. Thus, Claim 1 is further shown to 
have been erroneously rejected Claim 1 under 35 USC § 103. 
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(Hi)- Quite simply, a teaching of creating an authorization/security policy docs not teach or 
otherwise suggest any type of privacy policy, and in particular does not teach or suggest a method 
for creating a privacy policy, or any step of creating a privacy policy based on a policy group, as 
expressly recited in Claim 1, Thus, A prima facie case of obviousness has not been established 
by the Examiner with respect to Claim 1, and therefore Claim 1 is shown to have been 
erroneously rejected. 

B.2. Claim 4 (and Claim 15) 

Appellants further show error in the rejection of dependent Claim 4, as none of the cited 
references teach or otherwise suggest the claimed steps of updating a policy-wide property, and 
generating the privacy policy based on the policy- wide property. In rejecting Claim 4, the 
Examiner states that Moriconi teaches both of these claimed steps at column 5, lines 48-55. 
Appellants urge that there, Moriconi states: 

"The present invention includes a system and method for managing and 
enforcing complex security requirements in a distributed computer network, and 
comprises a policy manager located on a server for managing and distributing a 
policy to a client, and an application guard located on the client, the application 
guard acting to grant or deny access to various components of the client, as 
specified by the policy." (emphasis added by Appellants) 

As can be seen, this passage generally describes an ability to "manage" and "enforce" security 
requirements, including a policy manager for "managing" and "distributing" a policy to a client 
and an application guard that can "grant" or "deny" access to various client components as 
"specified" by a policy. This passage does not teach or otherwise suggest any step of Updating a 
policy-wide property" or "generating the privacy policy based on the policy-wide property", as 
expressly recited in Claim 4. Therefore, the Examiner has failed to establish a prima facie 
showing of obviousness with respect to Claim 4, and accordingly the burden has not shifted to 
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Appellants to rebut an obviousness assertion, to addition, as the Examiner has failed to properly 
establish a prima facie showing of obviousness, Claim 4 is shown to have been erroneously 
rejected pursuant to In re Fine, supra. 

B.3. Claim 5 (and Claim 1 6) 

With respect to Claim 5, Appellants urge that none of the cited references teach or suggest 
the claimed feature of '"wherein the step of generating a privacy policy comprises generating a 
human-readable version, of the policy". The Examiner states that although Moriconi docs not 
expressly teach this claimed step, 'It would be obvious that if the policy is manipulated via a GUI it 
would be readable to a user". Appellants urge that to the contrary, Moriconi teaches that policy 
rules developed at policy manager 210 are compiled into an optimized form before being 
distributed to target application guards (col 1 1 , lines 21-26). There is no teaching or suggestion 
that this optimized and compiled form is human-readable. The fact that a prior art device could be 
modified so as to produce the claimed device is not a basis for an obviousness rejection unless 
the prior art suggested the desirability of such a modification. In re Gordon, 733 F.2d 900, 221 
USPQ 1 125 (Fed Cir. 1984). The cited reference does not suggest any desire to modify the 
teachings contained therein to generate a human-readable version of the policy as a part of 
generating a privacy policy based on a policy group. Hence, it is shown that the Examiner's 
assertion that this missing claimed feature would have been obvious is not well founded in law or 
in fact, and thus Claim 5 has been erroneously rcjected. 

BA Claims 6 and 7 (and Claims 17 and 18) 

With respect to Claims 6 and 7, Appellants urge that none of the cited references teach or 
suggest the claimed feature of "wherein the human-readable version of the policy compri ses a 
hypertext markup language version of the policy" (Claim 6), or 6t whercin the step of generating a 
privacy policy comprises generating an extensible markup language version of the policy" (Claim 
7). The Examiner states that these claimed features are 'Svell-known" and thus "obvious". 
Appellants show error in such "well-known" basis for rejection- As stated by the Federal Circuit, 
"virtually all [inventions] are combinations of old elements." Environmental Designs, Ltd v. Union 
Oil Co., 713 F.2d 693, 698, 218 USPQ 865 7 870 (Fed. Cir. 1 983); see also Richdel, Inc. v. Sunspool 
Corp., 714 F.2d 1573, 1579-80, 219 USPQ 8, 12 (Fed. Cir. 1983) ("Most, if not all, inventions arc 
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combinations and mostly of old elements. 11 ). Therefore an examiner may often find every element 
of a claimed invention in the prior art. If identification of each claimed element in the prior art 
were sufficient to negate patentability, very few patents would ever issue. Furthermore, rejecting 
patents solely by finding prior art corollaries for the claimed elements would permit an examiner to 
use the claimed invention itself as a blueprint for piecing together elements in the prior art to defeat 
the patentability of the claimed invention- Such an approach would be "an illogical and 
inappropriate process by which to determine patentability." Senjonics, Inc. v. Aerosonic Corp., 81 
F.3d 1566, 1570 7 38 USPQ2d 1551, 1554 (Fed. Cir. 1996). Thus, the Examiner's a$sertion that the 
features of Claims 6 and 7 are well known and thus obvious is shown to be an erroneous basis for 
making an obviousness rejection- 

B.5. Claim tO (and Claim 21) 

Further with respect to Claim 10, Appellants urge that none of the cited references teach or 
suggest the claim ed feature of "wherein the step of generating a privacy policy further comprises 
generating a table of policy elements, wherein a policy element in the table of policy elements 
corresponds to the policy statement". In rejecting Claim 10, the Examiner states that the cited 
Moriconi reference teaches that rules are stored in a database/table at col. 4, lines 34-37. Appellants 
urge that Claim 10 goes beyond such Examiner assertion. The cited passage merely states that a 
policy server 'stores' and 'manages' the policy rules in a centrally administered database. In 
contrast, Claim 10 is a further refinement of Claim 9, and expressly recites a particular correlation 
between the information in the table and another item - the policy statement. In particular. Claim 
10 states that a policy element in the table of policy elements corresponds to the policy statement 
(the policy statem ent being defined in Claim 9 to be ''wherein the step of generating a privacy 
policy comprises generating a poli cy statement corresponding to the policy group'*)- The Examiner 
has not alleged, nor does the cited reference teach or suggest, any step of "generating a table of 
policy elements, wherein a policy element in the table of policy elements corresponds to the policy 
statement" (emphasis added by Appellants). Therefore, the Examiner has failed to establish a 
prima facie showing of obviousness with respect to Claim 10, and accordingly the burden has not 
shifted to Appellants to rebut an obviousness assertion. In addition, as the Examiner has failed to 
properly establish a prima facie showing of obviousness, Claim 10 is shown to have been 
erroneously rejected pursuant to In re Fine, supra. 
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B.6. Claim 1 1 (and Claim 22) 

Further with respect to Claim 11, Appellants urge that none of the cited references teach or 
suggest the claimed steps of identifying an error in the privacy policy, and generating an error 
statement describing the error. As none of the cited references teach or suggest any type of privacy 
policy, it necessarily follows that the cited references do not teach or suggest any step of identifying 
an error in such (missing) privacy policy. Further, there is no teaching/suggestion of generating an 
error statement describing the error. The Examiner acknowledges this teaching deficiency of the 
cited references, but states that this step is * VeU-known" and thus obvious. For similar reasons to 
those described above with respect to Claims 6 and 7, such (t well-known" rationale is not a proper 
basis for making an obviousness rejection. Thus, Claim 1 1 is further shown to have been 
erroneously rejected for at least two additional reasons. 

B.7. Claim 23 

With respect to Claim 23, Appellants urge that none of the cited references teach ot 
suggest an interface for creating a privacy policy, comprising a first portion for displaying 
predefined data elements, a second portion for displaying groups of data elements, wherein a 
group of data elements shares at least one common property, and a third portion for displaying a 
privacy policy generated from the groups of data elements. In rejecting Claim 23, the Examiner 
states that Moriconi teaches an interface comprising a first portion for displaying predefined data 
elements at col. 9, lines 45-50, and a second portion for displaying groups of data elements at 
Figure 4. Appellants urge that while the cited passage at col. 9 mentions a graphical user 
interface, it generally describes such interface as providing a user-friendly set of menu options or 
management services to fully "operate** the policy manager. Moriconi Figure 4 does not describe 
any specific aspect of a user interface. In contrast, the first two claimed features of Claim 23 
specifically recite an interface having two distinct portions - a first portion (for displaying 
predefined data elements) and a second portion (for displaying groups of data elements). 
Contrary to the Examiner's assertion, the cited Moriconi reference does riot teach or otherwise 
suggest an interface having these two specific portions. 

Still further with respect to Claim 23, the Examiner acknowledges that the cited Moriconi 
reference does not teach an interface having a third portion for displaying a privacy policy 
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generated from the groups of data elements, but states that the cited Abraham reference teaches 
this claimed third portion in the Abstract. Appellants urge that this cited Abraham passage 
merely states that a graphical user interface is provided such that an operator can input (1) vital 
information, (2) mapping information, and (3) policies. Appellants urge that a teaching of 
providing a graphical user input that allows a user to input various information does not teach or 
otherwise suggest specific details of the interface, and in particular does not teach or otherwise 
suggest an interface having a third portion for displaying a privacy policy generated from the 
groups of data elements. Therefore, the Examiner has failed to establish a prima facie showing 
of obviousness with respect to Claim 23, and accordingly the burden has not shifted to 
Appellants to rebut an obviousness assertion. In addition, as the Examiner has failed to properly 
establish a prima facie showing of obviousness, Claim 23 is shown to have been erroneously 
rejected pursuant to In re Fine, supra. 

Finally, even when combining the teachings of the two cited references, there is still no 
teaching or suggestion of an interface having three distinct portions - a first portion (for 
displaying predefined data elements), a second portion (for displaying groups of data elements), 
and a third portion (for displaying a privacy policy generated from the groups of data elements). 
This further evidences that Claim 23 has been erroneously rejected under 35 U.S.C. § 103, as all 
claimed features are not taught or suggested by the cited references. 
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In conclusion, all claims recite statutory subject matter. In addition, none of the cited 
references teach or otherwise suggest any type of privacy policy \ and in particular the cited 
references do not teach or suggest a method foi creating a privacy policy, or any step of creating 
a privacy policy based on a policy group. Thus, a prima facie case of obviousness has not been 
established by the Examiner, and therefore all claims are shown to have been erroneously 
rejected. Accordingly, Appellants urge that the rejection of $uch claims be reversed by the 
Boaid. 
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CLAIMS APPENDIX 

The text of the claims involved in the appeal axe; 

1 . A data processing apparatus-implemented method for creating a privacy policy, 
comprising data processing apparatus-implemented steps of: 

creating a policy group; 

moving a data element to the policy group; and 

generating a privacy policy based on the policy group. 

2. The method of claim 1 , wherein the data element is a predefined data element. 

3. The method of claim 1, wherein the data element comprises at least one sub-element. 

4. The method of claim 1, further comprising: 
updating a policy-wide property; and 

generating the privacy policy based on the policy-wide property. 

5 . The method of claim I , wherein the step of generating a privacy policy comprises 
generating a human-readable version of the policy. 

6. The method of claim 5, wherein the human-readable version of the policy comprises a 
hypertext markup language version of the policy. 
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7. The method of claim 1, wherein the step of generating a privacy policy comprises 
generating an extensible markup language version of the policy. 

8. The method of claim 1 , wherein the step of generating a privacy policy comprises 
generating a compact policy. 

9. The method of claim 1 , wherein the step of generating a privacy policy comprises 
generating a policy statement corresponding to the policy group. 

10. The method of claim 9, wherein the step of generating a privacy policy further comprises 
generating a table of policy elements, wherein a policy element in the table of policy elements 
corresponds to the policy statement. 

1 1. The method of claim 1 , further comprising: 
identifying an error in the privacy policy; and 
generating an error statement describing the error. 

12. An apparatus for creating a privacy policy, comprising: 
creation means for creating a policy group; 

movement means for moving a data element to the policy group; and 
generation means for generating a privacy policy based on the policy group. 

13. The apparatus of claim 12, wherein the data element is a predefined data clement. 
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14. The apparatus of claim 12, wherein the data element comprises at least one sub-element. 

1 5 . The apparatus of claim J 2, further comprising: 
means for updating a policy-wide property; and 

means for generating the privacy policy based on the policy-wide property. 

16. The apparatus of claim 12, wherein the generation mean s comprises means for generating 
a human-readable version of the policy. 

17. The apparatus of cl aim 16, wherein th e human-readable version of the policy comprises a 
hypertext markup language version of the policy. 

18. The apparatus of claim 19, wherein the generation means comprises means for generating 
an extensible markup language version of the policy. 

19. The apparatus of claim 12, wherein the generation means comprises means for generating 
a compact policy, 

20. The apparatus of claim 12, wherein the generation means comprises means for generating 
a policy statement corresponding to the policy group. 
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21 . The apparatus of claim 20, wherein the generation means further comprises means for 
generating a table of policy elements, wherein a policy element in the table of policy elements 
corresponds to the policy statement. 

22. The apparatus of claim 1 2, further comprising: 
means for identifying an error in the privacy policy; and 
means for generating an error statement describing the error. 



23. An interface for creating a privacy policy, comprising: 
a first portion for displaying predefined data elements; 

a second portion for displaying groups of data elements, wherein a group of data elements 
shares at least one common property; and 

a third portion for displaying a privacy policy generated from the groups of data elements. 



24. A computer program product, in a computer readable medium, for creating a privacy 

policy, comprising: 

instructions for creating a policy group; 

instructions for moving a data element to the policy group; and 

instructions for generating a privacy policy based on the policy group* 
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EVIDENCE APPENDIX 

Evidence Appendix follows. 
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